All tasks and concepts presented in the previous chapters assumed you had the administrative rights to set up client and server connectivity, execute SQL statements, create database objects, and so on. In the real world, administrative rights are typically given only to selected individuals. In addition, the ability for users to access data must be controlled to comply with business requirements. DB2 uses a few constituents to support various security schemes. This chapter discusses each of the security components and provides examples.
In this chapter you will learn about:
The big picture of the DB2 security model
Different authentication methods that DB2 supports
Authentication methods using customized loadable libraries
How to enable data encryption
Database operations you can perform with the various administrative authorities
Controlling access to database objects
Obtaining the authorities and privileges information from the metadata
Considerations for Windows domain users